Version 1.0 Date 15/10/2020
The purpose of this Privacy Policy is to inform you about the collection, use and processing of your personal data. We may update this Policy by publishing an amended version on our website, in particular to adapt it to legislative and regulatory developments or changes. In this case, we will inform you of these changes by amending the effective date at the top of this Policy.
1. Who is responsible for processing my personal data?
In this Privacy Policy, Cleanis means Cleanis and its affiliates. Cleanis, as the controller of your personal data, determines the purposes and means of the processing.
We have appointed a Data Protection Officer. He can be contacted at the following e-mail address: dpo[at]innothera.com.
2. What personal data do we collect?
When you browse our websites, you may provide us with personal data about yourself, including :
- Identification data such as name, postal address, email address, telephone number, etc. ;
- Connection data concerning your use of our websites if you open or transfer our communications, including data collected using cookies and other tracking technologies.
Further information on this subject is available here in our cookies policy. In the context of vigilance (side effects of products), you may provide us with personal data such as date of birth, gender, medical history, etc., which we will use to monitor your use of our products.
3. What are the purposes for which we collect your personal data?
Cleanis may collect personal data about you for the following reasons:
- To communicate with you, for example when you send us a message using the contact form on our websites or to send you newsletter-type communications relating to our products and services or to invite you to professional events and webinars;
- To give you access to our online services and in particular to manage your online accounts;
- To improve our products and services and our communications with you;
- To identify and authenticate you; for example, if you wish to exercise your right of access to your personal data, we will ask you for a copy of your national identity card or passport;
- To carry out statistical analyses;
- To meet our legal and regulatory obligations;
- To safeguard our legitimate interests or the legitimate interests of third parties, provided that your interests do not override ours (analysis carried out on a case-by-case basis);
- To respond to requests from administrative and judicial authorities.
4. What are the legal grounds for processing your personal data?
We process your data only if the regulations on the protection of personal data authorise us to do so.
Depending on the purpose of the processing, Cleanis will process your personal data on one of the following legal bases:
- The performance of a contract entered into with you: we need to collect your personal data to set up the contract and to perform it;
- Our legitimate business interests to send you communications whose content is relevant to you and to improve your experience of using our products and services;
- Your consent: depending on the processing involved, your consent may be required. You may withdraw it at any time and for the future in accordance with the withdrawal procedure set out in the "Your rights" section below;
- Our legal obligations: for example, in the context of vigilance, we process the personal data you provide to us.
5. How long do we keep your personal data?
We only keep your personal data for as long as is necessary for the purposes for which we process it.
6. With whom do we share your personal data?
We may share your personal data with
- Companies in the INNOTHERA Group for the purposes described in this Policy;
- Our service providers, for example to provide hosting for our websites;
- Partners with whom we collaborate for the development and promotion of our products or services;
Administrative and judicial authorities. Cleanis may transfer your personal data to countries outside the European Economic Area. In this case, we implement appropriate measures and use, for example, the European Commission's Standard Contractual Clauses to ensure that the recipient of the data guarantees a sufficient level of data protection.
7. How do we protect your personal data?
The security measures taken by Cleanis aim to protect and maintain the security, integrity and availability of your personal data.
Although there is no data transfer or storage system that guarantees absolute security, Cleanis and its service providers and partners work to maintain physical and electronic safeguards for your personal data.
We apply the following security measures, among others:
- Our IT infrastructures are equipped with firewalls to prevent unauthorised access;
- Access to your personal data is strictly restricted on a "need-to-know" basis and for the purposes set out in paragraph 3 "What are the purposes for which we collect your personal data" above.
We constantly monitor access to IT systems to detect and prevent misuse of data.
8. What are your rights?
Where the applicable regulations on the protection of personal data so provide, you may exercise the following rights:
- Request access to your personal data: this information includes the categories of data processed, the reasons (purposes) for which we
- process your data, the origin of the data where we have not collected it from you and the recipients to whom we transmit your data;
- Obtain rectification of your personal data if it is inaccurate, incomplete or needs updating;
- Obtain the deletion of your personal data provided that we are authorised to do so by law;
- Withdraw your consent at any time and for the future where we have collected and processed your personal data on the basis of your consent (the withdrawal of consent does not affect the lawfulness of the processing carried out prior to the withdrawal);
- You may object at any time to the processing of your personal data where it is collected and processed on the basis of our legitimate interests;
- Request a processing restriction to temporarily freeze the use of some of your data;
Give instructions on what to do with your personal data after your death. You can exercise your rights by contacting our Data Protection Officer at dpo[at]innothera.com. If, after contacting us, you feel that we have not responded correctly to your request, you may lodge a complaint with the relevant personal data protection authority.